URL: https://github.com/SSSD/sssd/pull/5376
Author: peptekmail
Title: #5376: Update cert.c
Action: opened
PR body:
"""
Sometimes generating a sshkey from a certificate fails.
Looking at other implementations gives a hint about 0x80
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5376/head:pr5376
git checkout pr5376
From 194af40efd737a30569305b994336ef37b988ad1 Mon Sep 17 00:00:00 2001
From: peptekmail <peptekm...@gmail.com>
Date: Sun, 25 Oct 2020 23:20:11 +0100
Subject: [PATCH] Update cert.c
Sometimes generating a sshkey from a certificate fails.
Looking at other implementations gives a hint about 0x80
---
src/util/cert/libcrypto/cert.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/util/cert/libcrypto/cert.c b/src/util/cert/libcrypto/cert.c
index acca07dd04..cd69f88094 100644
--- a/src/util/cert/libcrypto/cert.c
+++ b/src/util/cert/libcrypto/cert.c
@@ -340,7 +340,8 @@ static errno_t rsa_pub_key_to_ssh(TALLOC_CTX *mem_ctx, EVP_PKEY *cert_pub_key,
/* Adding missing 00 which AFAIK is added to make sure
* the bigint is handled as positive number */
/* TODO: make a better check if 00 must be added or not, e.g. ... & 0x80)
- */
+ * We have a problem here, the exponent should also be padded of it ends with 0x80
+ */
SAFEALIGN_SET_UINT32(&buf[c], htobe32(modulus_len + 1), &c);
SAFEALIGN_SETMEM_VALUE(&buf[c], '\0', unsigned char, &c);
safealign_memcpy(&buf[c], modulus, modulus_len, &c);
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
